search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2021-12-15 2021-12-15 2022-01-14 VU#930724 Apache Log4j allows insecure JNDI lookups
2022-01-07 2022-01-07 2022-01-09 VU#142629 Silicon Labs Z-Wave chipsets contain multiple vulnerabilities
2018-01-04 2018-01-03 2022-01-07 VU#584653 5.1 CPU hardware vulnerable to side-channel attacks
2018-05-03 2018-05-03 2022-01-07 VU#283803 2.7 Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")
2021-12-22 2021-12-22 2021-12-22 VU#692873 Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass
2021-05-24 2021-05-24 2021-12-09 VU#799380 Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
2021-11-09 2021-11-09 2021-11-09 VU#999008 Compilers permit Unicode control and homoglyph characters
2021-07-20 2021-07-20 2021-10-07 VU#914124 Arcadyan-based routers and modems vulnerable to authentication bypass
2021-01-19 2021-01-19 2021-10-06 VU#434904 Dnsmasq is vulnerable to memory corruption and cache poisoning
2021-10-04 2021-10-04 2021-10-05 VU#883754 Salesforce DX command line interface (CLI) does not adequately protect sfdxurl credentials
2021-08-02 2021-08-02 2021-10-05 VU#405600 Microsoft Windows Active Directory Certificate Services can allow for AD compromise via PetitPotam NTLM relay attacks
2021-07-18 2021-07-18 2021-09-14 VU#131152 Microsoft Windows Print Spooler Point and Print allows installation of arbitrary queue-specific files
2021-08-06 2021-08-06 2021-08-12 VU#357312 HTTP Request Smuggling in Web Proxies
2021-08-10 2021-08-10 2021-08-10 VU#608209 NicheStack embedded TCP/IP has vulnerabilities
2021-06-30 2021-06-30 2021-08-03 VU#383432 Microsoft Windows Print Spooler allows for RCE via AddPrinterDriverEx()

Sponsored by CISA.